package com.isoftstone.agiledev.hrdemo.login;

import javax.servlet.http.HttpSession;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;

import com.isoftstone.agiledev.core.OperationPrompt;
import org.phantom.securityframework.api.domain.Account;
import org.phantom.securityframework.api.exception.AccountNotActivatedException;
import org.phantom.securityframework.api.exception.NullAccountException;

@Controller
public class LoginController {
	
	
	
//	@Resource
//	private AccountManager accountManager = null;
	@RequestMapping
	public OperationPrompt login(@RequestParam("account")String accountId,@RequestParam("password")String password,HttpSession session){
		
		session.setAttribute("test", accountId);
		
		try {
//			Account account = accountManager.get(accountId);
//			if(account==null){
//				return  new OperationPrompt("用户名/密码错误",false);
//			}
//			if(account.getPassword().equals(password)){
//				Subject subject = SecurityUtils.getSubject();
//				subject.login(new AccountToken(accountId,account.getPassword()));
//				return new OperationPrompt("登录成功",true);
//			}
//			Account account = new Account(accountId,password);
//			account.login();

			
			Account account =  new Account();
			account.login(accountId,password);
			Subject subject = SecurityUtils.getSubject();
			System.out.println(subject.getPrincipal());
			return  new OperationPrompt("登录成功",true);
		}catch(NullAccountException e){
			return  new OperationPrompt("用户名密码不能为空",false);
		}catch(UnknownAccountException e){
			return  new OperationPrompt("帐号不存在",false);
		}catch(AccountNotActivatedException e){
			return  new OperationPrompt("帐号已冻结",false);
		}catch(AuthenticationException e){
			return  new OperationPrompt("用户名密码错误",false);
		}catch (Exception e) {
			return  new OperationPrompt(String.format("服务器错误:%s",e.getMessage()),false);
		}
	}
	@RequestMapping
	public OperationPrompt logout(){
		SecurityUtils.getSubject().logout();
		return  new OperationPrompt("登出成功",true);
	}
	
}
